Hello, Just wondered why you marked CVE-2016-9179 as Slight mitigation in 2.8.9dev.10? Is there any documentation that says talks about the changes in 2.8.9dev.10? Thanks -- Brian May <bam@debian.org>